← Autoridad de Certificacion Firmaprofesional cases
Bugzilla #1368171
Certificate Problem Report
Firmaprofesional: Non-audited, non-technically-constrained intermediate certificates
RESOLVED
Autoridad de Certificacion Firmaprofesional
AI Summary
This case addresses concerns regarding intermediate certificates issued by Firmaprofesional that are not audited and lack technical constraints. The certificates in question chain up to a root certificate in Mozilla's store, raising compliance issues. The CA has been noted for its failure to meet disclosure requirements, leading to discussions about the necessity of audits and revocations. Ultimately, the certificates have been added to OneCRL, indicating a resolution to the compliance issues raised.
Chronology
- Case opened regarding non-audited certificates.
- Discussion on audit compliance and certificate revocation.
- Further investigation into compliance and audit requirements.
- Confirmed that certificates have been added to OneCRL.
Participants
Kathleen Wilson
Oscar Conesa
Ryan Sleevi
Gervase Markham
External References
Similar Local Cases
GoDaddy: New GoDaddy incorrect issuance bug appears to be regression of 2010 issue
TurkTrust: Non-audited, non-technically-constrained intermediate certs
Camerfirma: Startcom are issuing by proxy using Camerfirma
Camerfirma: Startcom are issuing by proxy using Camerfirma
GlobalSign: Incapsula issued a certificate for non-existing domain (testslsslfeb20.me)
DigiCert: Non-BR-Compliant OCSP Responders
DigiCert: TI Trust Technologies Global CA issued certificate with no subject alternative name extension
GoDaddy: improperly encoded certificate issued by Go Daddy Secure Certification Authority